CVE-2022-2106

Publication date

2022-06-27 16:15:32

Family

icscert

State

PUBLISHED

Description

Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files.